CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-12 12:12:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Setup Script - Add Storage Node Logic

Browse Source
This commit is contained in:
Mike Reeves
2018-03-19 15:01:53 -04:00
parent 58a4b52b30
commit 6d0a6006f7
1 changed files with 22 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
so-setup-network.sh
View File

@@ -87,6 +87,10 @@ create_bond () {
fi fi
} }
create_socore_password () {
# Enter a password for socore
}
detect_os () { detect_os () {
# Detect Base OS # Detect Base OS
if [ -f /etc/redhat-release ]; then if [ -f /etc/redhat-release ]; then
@@ -113,6 +117,10 @@ got_root () {
exit 1 exit 1
fi fi
} }
install_master () {
yum -y install salt-master
}
master_pillar () { master_pillar () {
# Create the master pillar # Create the master pillar
touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
@@ -191,7 +199,7 @@ whiptail_install_type () {
"SENSORONLY" "Sensor join existing grid" OFF \ "SENSORONLY" "Sensor join existing grid" OFF \
"MASTERONLY" "Start a new grid with no sensor running on it" OFF \ "MASTERONLY" "Start a new grid with no sensor running on it" OFF \
"HEAVY" "Create a Heavy sensor. (Bad Idea)" OFF \ "HEAVY" "Create a Heavy sensor. (Bad Idea)" OFF \
"BACKENDNODE" "Add a node to the back end" OFF 3>&1 1>&2 2>&3 ) "STORAGENODE" "Add a node to the back end" OFF 3>&1 1>&2 2>&3 )
} }
@@ -234,6 +242,9 @@ whiptail_sensor_config () {
# Check for prerequisites # Check for prerequisites
got_root got_root
detect_os
# Question Time
if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 78) then if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 78) then
@@ -244,7 +255,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
whiptail_install_type whiptail_install_type
# Get list of NICS if it isn't master only # Get list of NICS if it isn't master only
if [ $INSTALLTYPE != 'MASTERONLY' ]; then if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
# Another option: cat /proc/net/dev | awk -F: '{print $1}' | grep -v 'lo\|veth\|br\|dock\|Inter\|byte' # Another option: cat /proc/net/dev | awk -F: '{print $1}' | grep -v 'lo\|veth\|br\|dock\|Inter\|byte'
# Pick which interface you want to use as the Management # Pick which interface you want to use as the Management
@@ -254,7 +265,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
whiptail_bond_nics whiptail_bond_nics
fi fi
if [ $INSTALLTYPE == 'SENSORONLY' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ] || [ $INSTALLTYPE == 'STORAGENODE' ]; then
# Get the master server for the install # Get the master server for the install
whiptail_management_server whiptail_management_server
@@ -262,7 +273,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
fi fi
# Time to get asnwers to questions so we can fill out the pillar file # Time to get asnwers to questions so we can fill out the pillar file
if [ $INSTALLTYPE != 'MASTERONLY' ]; then if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
whiptail_nids whiptail_nids
# Commented out until Snort releases 3.x # Commented out until Snort releases 3.x
@@ -287,7 +298,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Ask how many CPUs to use for bro # Ask how many CPUs to use for bro
fi fi
if [ $INSTALLTYPE != 'SENSORONLY' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
whiptail_rule_setup whiptail_rule_setup
# Get the code if it isn't ET Open # Get the code if it isn't ET Open
@@ -303,15 +314,14 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
## Do all the things!! ## ## Do all the things!! ##
######################### #########################
if [ $INSTALLTYPE == 'SENSORONLY' ] || [ $INSTALLTYPE == 'BACKENDNODE' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ] || [ $INSTALLTYPE == 'STORAGENODE' ]; then
copy_ssh_key copy_ssh_key
fi fi
detect_os
# Create bond interface # Create bond interface
if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
echo "Setting up Bond" echo "Setting up Bond"
create_bond create_bond
fi fi
@@ -324,8 +334,8 @@ detect_os
yum -y install salt-minion yum-utils device-mapper-persistent-data lvm2 yum -y install salt-minion yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
if [ $INSTALLTYPE != 'SENSORONLY' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
yum -y install salt-master install_master
fi fi
else else
ADDUSER=useradd ADDUSER=useradd
@@ -349,7 +359,7 @@ detect_os
apt-get update apt-get update
apt-get -y install salt-minion apt-get -y install salt-minion
if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
apt-get -y install salt-master apt-get -y install salt-master
fi fi
fi fi
@@ -358,7 +368,7 @@ detect_os
mkdir -p /opt/so/conf mkdir -p /opt/so/conf
# Create the salt directories if this isn't a stadnalone sensor # Create the salt directories if this isn't a stadnalone sensor
if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'STORAGENODE' ]; then
salt_directories salt_directories
fi fi